Experts from FTI Technology were recently engaged to conduct a complex investigation across numerous locations and more than 80 custodians for a large pharmaceutical recall and resulting lawsuits. Over the course of more than 18 months, the team overcame complex challenges relating to cross-border data transfer issues, Chinese state secrets restrictions and global data privacy regulations. We recently discussed the matter with Senior Managing Director Veeral Gosalia and Director Jonathan Roberts to reveal lessons learned from the case’s unique challenges and FTI Technology’s approach to solving them.
Veeral, Jonathan, let’s start by discussing the scope of the project. What was the backdrop for FTI Technology’s work on this case?
Roberts: This case started in the wake of a Food & Drug Administration recall of a drug that was thought to contain a harmful contaminant. Numerous lawsuits were filed against the manufacturer, which were later consolidated into a class action litigation. Eventually, a widespread investigation was triggered across three countries in which the manufacturer had operations.
Gosalia: One notable aspect of how we became involved in the case is that we were brought in after the client’s initial provider was unable to handle the scale of the project due to pandemic-related travel restrictions in China, where the client was headquartered. Because we have a robust team and capabilities in-country in China and throughout Asia Pacific, we were able to meet the client’s needs and access a large portion of the data locally, without the need to relocate employees across borders during a pandemic.
During that time, lockdown restrictions were changing quickly and frequently in various jurisdictions. How did the team keep the work moving forward in such a state of flux?
Gosalia: Yes, it was a constantly moving target. We were onboarding the case in the very early days of the pandemic. Initially, because China was under lockdown and most of the data collections there needed to take place in-person, we planned to focus as much as possible on the U.S.-based work first. However, it wasn’t long before China was starting to reopen and the U.S. was essentially shutting down, which led to us reengineer the entire workflow. Ultimately, our teams were very agile and simultaneously managed in-person collections among the local teams in China and established a U.S.-based remote collection methodology that could accommodate the matter’s scale and data security requirements.
Another variable was that the lead law firm on the case did not have a team based in China and couldn’t get one there due to ongoing international travel bans. This put our local team in the position of serving as a trusted advisor and intermediary for the client and its legal counsel. The month before on-site collections began, the team conducted daily calls to establish trust and develop the foundation for a successful and efficient investigation, including scoping, organization and data charts, custodian questionnaires, collection processes and other documentation. We provided detailed explanations and justifications for our methods, why we needed access to certain documents and the technical nuances of how the data needed to be handled. In most cases of this nature, outside counsel is heavily involved in these discussions, but in this matter, our team played a significant advisory role given that we had people there on the ground with the client. Similarly, we maintained close partnership with the law firm so that they felt as though they had eyes and ears on how the case was being handled.
Logistical issues weren’t the only barriers in this case. Will you talk about some of the other key challenges?
Roberts: There were a lot of issues relating to the data itself. Given the nature of the case, the data set included sensitive information including intellectual property and trade secrets, which required the implementation of specific access and security controls during data collection, review, transfer and production. This included implementation of a secondary, portable database that remained on-site at the client location and other security controls including air-gapping and encryption to ensure that confidential R&D, source code and other IP did not leave the company. We ran search terms within the database and exported anything that was designated for top secret review only, so a select team of approved lawyers and investigators could review for relevancy to the investigation and redact information as needed before it was loaded back into the primary database.
We were also collecting from more than 80 custodians and dozens of systems and devices, de-duplicating collections across international borders, and handling thousands of paper documents and lab notes that had to be converted into a digital format for use within the analysis and review platform.
Underlying all of this was close coordination between our teams in China, the U.S. and elsewhere to ensure that we were applying the same methodologies and following the same approaches across the globe. FTI Technology’s involvement began in March 2020, and our production deadline was set for the end of November, so we had to move quickly but thoughtfully to deliver quality results.
Gosalia: Data protection regulations presented another major hurdle. We had to transfer data out of China and Europe to the U.S. for disclosure, but had to do so in compliance with China’s State Secrets Law and other data protection laws, as well as GDPR. Various legal, regulatory and client obligations required our team to enable, oversee and serve as intermediary for several separate review teams in China before any data was transferred. This included in-country responsiveness review of nearly 1 million documents across two Chinese law firms and a separate state secret review with a third Chinese law firm.
This ongoing matter represents one of the largest and most restrictive matters FTI Technology’s teams have encountered. Even so, the delivery has been a success story. What results have been delivered to date?
Roberts: Once data arrived in the U.S., we established a team of more than 40 managed document reviewers, working remotely, to re-review the documents for responsiveness, privilege and quality control. Despite all these layers of review we were able to meet the compliance deadline, having produced over 3 million pages. We also managed subsequent reviews and rolling productions ordered by the court following that initial deadline, including conducting data collection, review and compliant cross-border data transfer of more than 400GB of data for a custodian in Europe. Despite all the logistical, technical, legal and regulatory challenges and an aggressive opposing side, we’ve continued to deliver across every requirement.
Gosalia: This case is indeed one of the toughest we’ve faced and it’s incredibly high stakes for our client. The results really demonstrate the impact of our global reach and depth of our teams’ expertise. The fact that we provided local advisory and support in China when other providers couldn’t was critical to our client and legal counsel maintaining forward progress in a highly sensitive and complicated matter.
The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, its management, its subsidiaries, its affiliates, or its other professionals.